Linux camp has key to Windows 8 boot lockout

by Nancy Owano , Phys.org

(Phys.org)—Microsoft's rocky reputation with the open source community was not exactly improved by the hardware news surrounding the upcoming launch of its operating system, Windows 8. Certified systems will ship with Secure Boot enabled in the Unified Extensible Firmware Interface (UEFI), the specification that defines the software interface between an operating system and the platform firmware. Under Secure Boot, the firmware will only start a bootloader that carries a digital signature it trusts. The worry is that only Windows 8 will run on these systems, and that users will find it hard to boot non-Microsoft operating systems.

Many PCs built for the mass market will carry the Windows 8 logo, and that in turn has led many users to expect hard times for anyone who wants to boot a favorite Linux flavor. Some see this as a way for Microsoft simply to secure the boot process on its machines, while others see it as a way for Microsoft to push Linux distributions to the back of the line.

Systems that carry the Designed for Windows 8 logo ship with Secure Boot enabled, which stops unsigned code such as malware from running during the boot process. The same check also prevents any operating system from starting if its bootloader is not signed with a key the firmware trusts.

Open source advocates recognize that UEFI Secure Boot has its security merits. Earlier this year, Olaf Kirch, director of the SUSE Linux Enterprise department in SUSE Engineering, called UEFI Secure Boot a useful technology, because it makes it harder for attackers to hide a rootkit in the boot chain. At the same time, he said, the basics of its operation, establishing a single root of trust, "conflict with the principles of Open Source development, which must be independent and distributed to work."

Outside Microsoft, big-name vendors have been responding with workarounds. The leading Linux names, Canonical, Red Hat, and SUSE, have been working on ways to let their distributions boot on Windows 8-certified hardware.

The Linux Foundation, meanwhile, has come up with a plan to get past the problem Secure Boot presents, so that users of open source operating systems can continue to boot on hardware certified for Windows 8. The foundation has announced that it will have a small pre-bootloader signed with a Microsoft key, the one that firmware certified for Windows 8 already trusts, and that this pre-bootloader will in turn allow any operating system to be booted. James Bottomley of the Linux Foundation Technical Advisory Board described the plan in a guest post: "In a nutshell, the Linux Foundation will obtain a Microsoft Key and sign a small pre-bootloader which will, in turn, chain load (without any form of signature check) a predesignated boot loader which will, in turn, boot Linux (or any other operating system)."

This is a general-purpose solution, not just for Linux. The signed pre-bootloader does not boot an operating system itself; it transfers control to another bootloader that does, hence the name "pre-bootloader". It is the only component that has to pass the firmware's Secure Boot signature check; once it is running, a bootloader such as GRUB2 takes over and handles booting the OS.

According to the Foundation, all the real work is left to the actual bootloader, which "must be installed on the same partition as the pre-bootloader with the known path loader.efi (although the binary may be any bootloader including Grub2)."

Once the pre-bootloader is running, the user can boot any OS without worrying about Secure Boot lockouts: it can be used to boot a CD/DVD installer or a LiveCD distribution, or to boot an installed operating system with Secure Boot still enabled, for any distribution. To address the risk that it becomes a vector for malware, the pre-bootloader includes a "present user test": someone must be physically at the machine at boot time to confirm that they want the designated bootloader to run. After the pre-bootloader has done its work it waits for that confirmation before continuing, so an attacker cannot use it to load code unattended. The test does not, however, verify the bootloader it hands off to; the user is trusting whatever is installed at loader.efi.
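The chain the article describes, as an added example that is neither the Linux Foundation's pre-bootloader nor code from the article: firmware checks the first-stage image against its Secure Boot policy, the signed pre-bootloader then chain-loads loader.efi with no signature check, and the only gate on that second hop is the present-user test. The model makes several simplifying assumptions that are not in the article: firmware policy is reduced to SHA-256 image-hash entries in the db (allowed) and dbx (forbidden) variables, which is one form UEFI actually supports, while X.509 certificate entries and Authenticode signature verification are left out, and images are plain byte strings standing in for PE/COFF EFI binaries. All sample images and the `scenario_*` functions are constructed for illustration.

```python
"""Model of the Secure Boot -> pre-bootloader -> loader.efi chain.

Added example, not the Linux Foundation's code.  Assumptions (not from the
article): db/dbx hold SHA-256 image hashes only (UEFI's EFI_CERT_SHA256 form);
certificate entries and Authenticode checks are omitted; images are bytes.
"""
import hashlib
from dataclasses import dataclass, field
from typing import Callable, Dict, Set, Tuple

def image_hash(image: bytes) -> str:
    return hashlib.sha256(image).hexdigest()

@dataclass
class Firmware:
    """UEFI Secure Boot policy store: db = allowed hashes, dbx = forbidden."""
    secure_boot: bool = True
    db: Set[str] = field(default_factory=set)
    dbx: Set[str] = field(default_factory=set)

    def verify_image(self, image: bytes) -> bool:
        """Check the firmware applies to the first-stage loader it starts."""
        if not self.secure_boot:
            return True                  # Secure Boot off: anything boots
        h = image_hash(image)
        if h in self.dbx:                # revocation always wins over db
            return False
        return h in self.db

# Constructed sample images standing in for EFI binaries (hypothetical).
LF_PRE_BOOTLOADER = b"lf-prebootloader-v1"      # the image Microsoft signs
GRUB2 = b"grub2-loader"                          # the distribution's loader
TROJANED_LOADER = b"grub2-loader-with-rootkit"   # attacker-written loader.efi

def pre_bootloader(disk: Dict[str, bytes], user_present: bool,
                   confirm: Callable[[str], bool]) -> Tuple[str, str]:
    """The pre-bootloader's own policy: no signature check on loader.efi,
    the present-user test is the only gate before chain-loading it."""
    target = disk.get("loader.efi")
    if target is None:
        return ("halt", "loader.efi missing from boot partition")
    if not user_present:
        return ("halt", "present-user test failed: nobody at the console")
    if not confirm("Boot loader.efi (not signature-checked)? [y/N] "):
        return ("halt", "present-user test failed: user declined")
    return ("chainload", target.decode())

def boot(fw: Firmware, disk: Dict[str, bytes], user_present: bool = True,
         confirm: Callable[[str], bool] = lambda _prompt: True) -> Tuple[str, str]:
    """Full chain: firmware verifies stage one; stage one decides the rest."""
    first = disk["pre-bootloader.efi"]
    if not fw.verify_image(first):
        return ("refused", "Secure Boot violation: image not trusted by db")
    return pre_bootloader(disk, user_present, confirm)

def windows8_firmware() -> Firmware:
    """Firmware that already trusts the signed pre-bootloader (empty dbx)."""
    return Firmware(db={image_hash(LF_PRE_BOOTLOADER)})

def scenario_normal() -> Tuple[str, str]:
    """Signed pre-bootloader, real GRUB2 at loader.efi, user confirms."""
    disk = {"pre-bootloader.efi": LF_PRE_BOOTLOADER, "loader.efi": GRUB2}
    return boot(windows8_firmware(), disk)

def scenario_grub_as_first_stage() -> Tuple[str, str]:
    """Installing GRUB2 directly as the first stage: the firmware refuses it."""
    disk = {"pre-bootloader.efi": GRUB2, "loader.efi": GRUB2}
    return boot(windows8_firmware(), disk)

def scenario_revoked() -> Tuple[str, str]:
    """Vendor pushes the pre-bootloader's hash into dbx: refused even though
    the same hash is still present in db."""
    fw = windows8_firmware()
    fw.dbx.add(image_hash(LF_PRE_BOOTLOADER))
    disk = {"pre-bootloader.efi": LF_PRE_BOOTLOADER, "loader.efi": GRUB2}
    return boot(fw, disk)

def scenario_tampered_unattended() -> Tuple[str, str]:
    """Malware replaced loader.efi and the machine rebooted with no one
    present: the present-user test stops the chain here."""
    disk = {"pre-bootloader.efi": LF_PRE_BOOTLOADER, "loader.efi": TROJANED_LOADER}
    return boot(windows8_firmware(), disk, user_present=False)

def scenario_tampered_user_confirms() -> Tuple[str, str]:
    """Same tampered loader.efi, but a user is present and presses the key:
    nothing in the chain can tell the user the image was swapped."""
    disk = {"pre-bootloader.efi": LF_PRE_BOOTLOADER, "loader.efi": TROJANED_LOADER}
    return boot(windows8_firmware(), disk, user_present=True)

if __name__ == "__main__":
    for name in ("scenario_normal", "scenario_grub_as_first_stage", "scenario_revoked",
                 "scenario_tampered_unattended", "scenario_tampered_user_confirms"):
        print(f"{name:34s} -> {globals()[name]()}")
```

The last two scenarios are the point of the model: the present-user test only protects against an unattended boot, and the user being asked to confirm has no way to distinguish a legitimate loader.efi from a swapped one, because the pre-bootloader never checks the image it hands control to. Real UEFI policy is richer than this model (db normally holds Microsoft's CA certificate rather than per-image hashes, and the firmware verifies an Authenticode signature over the PE image), but the shape of the chain is the same.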

This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.

User comments

Windows 8 is already secure, no one will be able to use it with such a horrible interface. The PC industry will quickly realize where the user base is and will tailor hardware to meet the masses. I have used Windows for a long time but MS is lost in la la land right now and forgot there are users who have their needs.

Any attempt to add a security feature that annoys the hell out of people, is pointless, as it will just be disabled. How many people disabled UAC in Windows Vista/7 because it was a pain?

For workstations and phones the additional security in UEFI should be well received. For Linux servers, it would be a pain in the butt, having to drive all over town, pressing a key on a keyboard, after a power failure causes 50 servers to reboot.

Why not just use TPM... Sure there are some concerns with TPM such as certain software being locked out that the manufacturer chooses, but that's hypothetical. With secure boot you know for sure MS will try to block at least some software, such as free OSs.

I can't decide whether to ROTFLMAO or to weep. This is both so hilarious and so profoundly pathetic. But hey, not unexpected.

And to top it all, I can just imagine the look on some M$ folks' faces when the FOSS camp simply decided to get a key. I'm still giggling.

But then, I expect M$ to counter with legal gymnastics to the tune of "we don't have to sell them the key", or something about unintended use of hardware that has officially and contractually been restricted to only software (read, OS) from a single vendor. And patents and other land mines thwarting the world.

How about import restrictions to hardware that doesn't contain this W8 thing? Or even blockades of the entire vendors. These are (again) interesting times. But this time for all the wrong reasons.

micro$ has tried to ruin Linux many times before. Micro$ was the secret 50% partner of SCO 'unix' when its business model was to sue and sue even its own customers. Did not work then. Will bypassing this 'secure boot model' run the risk of the bypasser being arrested for 'hacking a security system'?

For Linux servers, it would be a pain in the butt, having to drive all over town, pressing a key on a keyboard, after a power failure causes 50 servers to reboot.

One just needs to buy a new keyboard that after reset will issue any needed keystrokes. Or alternatively other dongle into keyboard cable that does the same thing. Or `fake` keyboard plugged into any free USB port to give those keys after reset. When mass produced such dongles would be inexpensive.

But since Linux is open source, and in turn 99% of all the binaries it uses and loads, this key is essentially in the public domain. So malware needs to load not only a rootkit but a root bootloader that can load NTFS. It makes for a more sophisticated virus maker. I suspect that this will take only slightly longer than a 5 year old trying to read this article. Mind you, most 5 year olds have attention span issues, and don't like acronyms or big words.

The cat and mouse game continues. Mainstream computers will NEVER be truly secure, because either the software they run or the users that operate them are flawed and can be circumvented. It's nice to see some attempt at stopping rootkits and MBR viruses. Sadly, malware makers make MONEY, so they will never stop and they will ALWAYS find a way to infect systems, because they get PAID to do it. As far as having difficulty installing Linux on a Windows 8 machine, it will be ok, Linux experts will always find a way. And yes, Windows 8 is stupid because you cannot run a tablet OS on a desktop, just as you wouldn't run a desktop OS on a tablet. Get with it, it takes two types of OSs to fit on tablets and desktops.

Just because you have some kind of a Pavlovian knee-jerk paroxysm in connection with that word, doesn't mean everyone else should suddenly censor themselves to keep your neurotic psychoses from exploding.

On a more relevant note, I find the Linux "solution" to the security threat from malware somehow less than impressive.

So what if the user has to push on a key? How does the user know that the bootloader about to be activated, hasn't been tampered with (or replaced) by malware? After all, the above article explicitly mentions that the "work-around" pre-bootloader will make no signature checks on the thing it's passing control over to.

This "solution" is incredibly naive, in the best tradition of FOSS.

Probably a better approach would have been to hardware-protect the boot sector, so that anything written to it must have been pre-encrypted with a correct private key (and gets auto-decrypted on write with the correct public key). That way, hackers would need to have first obtained the secret key before they could overwrite any part of the bootloader.
